Hello! I'm emplementing service to service application: a weekly report generator using ruby and google-client-api library.
Everytghing was fine except for today when querying stopped working with error "invalid_grant". Here is my code:
class GoogleClient
attr_reader :credentials, :client
def initialize(credentials)
@credentials = credentials
@client = Google::APIClient.new()
fetch_api_token!
end
def fetch_api_token!
# Load our credentials for the service account
key = Google::APIClient::KeyUtils.load_from_pkcs12(credentials['key_file'], credentials['key_secret'])
@client.authorization = Signet::OAuth2::Client.new(
:token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
:audience => 'https://accounts.google.com/o/oauth2/token',
:scope => 'https://www.googleapis.com/auth/analytics.readonly',
:issuer => credentials['service_account_email'],
:signing_key => key)
# Request a token for our service account
@client.authorization.fetch_access_token!
end
end
1) does my application use refresh token? if so do I need to store it and reuse for every request?
2) do I need to use A JWT authorization instead of signet for service-to-service application? again, do I need to deal with refresh token - store it and supply with every request with JWT authorization?